logoalt Hacker News

hackinthebochsyesterday at 4:06 AM1 replyview on HN

If the credentials are stored for some period of time, then an inspection will reveal those stored credentials within the preservation window. Unannounced inspections will then show with high certainty a legitimate validation process.

The auditor can act as a customer and validate whether phony credentials are rejected.


Replies

lazideyesterday at 4:27 AM

Thanks for agreeing with me?

show 1 reply